Bug 115223 – SSL parameters not taken in account

Bug 115223 - SSL parameters not taken in account

Summary:	SSL parameters not taken in account

Status:	CLOSED RAWHIDE

Aliases:	None

Product:	Red Hat Enterprise Linux 3
Classification:	Red Hat
Component:	redhat-config-httpd (Show other bugs)
Sub Component:
Version:	3.0
Hardware:	i686 Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Phil Knirsch
QA Contact:
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2004-02-09 05:55 EST by jean-claude jouffre
Modified:	2015-03-04 20:13 EST (History)
CC List:	1 user (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2004-07-30 10:55:40 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description jean-claude jouffre 2004-02-09 05:55:30 EST

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; WinNT4.0; fr; rv:1.5)
Gecko/20031007 Firebird/0.7

Description of problem:
when creating a secure virtual host, no SSL parameter is written in
httpd.conf

Version-Release number of selected component (if applicable):
1.1.0-4

How reproducible:
Always

Steps to Reproduce:
1. create a virtual host
2. in SSL page, select SSL support
3. modify or not some options
4. validate all screens
5. the httpd.conf does not contain SSL parameters we have choosen
previously, but only "strange directives" :
   <IfDefine HAVE_SSL>
   </IfDefine>
    

Actual Results:  in httpd.conf, parameters :
<VirtualHost 1.2.3.4>
   <IfDefine HAVE_SSL>
   </IfDefine>


Expected Results:  <VirtualHost 1.2.3.4>
   SSLEngine on
   SSLCertificateFile /myfile1
   SSLCertificateKeyFile /myfile2
   SSLCertificateChainFile /myfile2
   SSLOptions FakeBasicAuth ExportCertData ...



Additional info:

here are some workarounds I made to let it work, but I don't know if
these are the proper fixes :
1) in /usr/share/redhat-config-httpd/ApacheControl.py file
   in _dehydrate_vhost_page_3 method, adding a string conversion :
      vhost.SSLCertificateFile = str(widget.get_text ())
      vhost.SSLCertificateKeyFile = str(widget.get_text ())
      vhost.SSLCertificateChainFile = str(widget.get_text ())
      vhost.SSLCACertificateFile = str(widget.get_text ())
   no need for SLLLog and SSLLogLevel (see 115221 bug)
2) in /usr/share/redhat-config-httpd/httpd.conf.xsl file
   in Virtual hosts part
      removing lines (I didn't understand their purpose) :
            <xsl:for-each select="SSLEngine">
            &lt;IfDefine HAVE_SSL>
         later on :
            </xsl:for-each>
         then :
            &lt;/IfDefine>
      adding the line :
         <xsl:for-each select="SSLOptions">SSLOptions <xsl:value-of
select="@VALUE" /></xsl:for-each>
      after the line :
<xsl:for-each select="SSLCACertificatePath">SSLCACertificatePath
<xsl:value-of select="@VALUE" /></xsl:for-each>

Comment 1 Phil Knirsch 2004-07-30 10:55:40 EDT

OK, that makes sense.

Including fixes, latest rawhide version s-c-h-1.2.1-1 will contain the
changes.

Read ya, Phil

Note You need to log in before you can comment on or make changes to this bug.